REMARKS 

Applicants respectfully traverse and request reconsideration. 

Claims 1-31 stand rejected under 35 U.S.C. §102(e) as being anticipated by U.S. 
Patent No. 6,510,236 (Crane et al.). Crane is directed to an authentication framework for 
managing authentication requests from multiple authentication devices where the 
authentication devices may be, for example, biometric scanners or smart cards or other 
suitable user authentication device. Crane utilizes a system that enables existing client and 
server based applications to incorporate alternative authentication devices and to their current 
authentication schemes without comprising server trust policies. (See e.g. Abstract). 
Applicants claim an entirely different method and system. For example, Crane utilizes an 
application server 12 as a router to route identification information from a client or 
authentication device 16, to an authentication device server 18. As such, the authentication 
device server receives the user ID and device ID and determines whether the authentication 
device 16 is trusted. The authentication server 18 returns a yes/no response to the application 
server 12 and the application server 12 then returns a token back to the authentication device 
if the authentication server 1 8 indicates that it is ok to trust the authentication device. 

In contrast, Applicants claimed invention, among many advantages, provides differing 
levels of authentication and may utilize an alternate channel during a session to provide 
authentication information in addition to user ID and/or password information to provide 
multi-factor authentication. If desired, the authentication code may be sent to a third unit as 
owned by a user to improve the authentication process since only the user owns the third 
device. In addition, an authentication code may be sent via a different channel than the 
channel used to send the password information. 

The office action equates "the first unit" in Applicants' claim 1 with the 
"authentication server" of Crane and states that the claimed "authentication unit" is the 
device from which the user receives data. Applicants respectfully submit that employing this 
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interpretation of Crane fails to render Applicants' claimed invention unpatentable. For 
example, assuming that the authentication server 18 in Crane is the claimed "first unit", 
Applicants' claim would require that the authentication server 18 of Crane would send user 
identification data to an authentication unit (the device from which the user receives data) 
according to the office action's interpretation. However, the Crane system does not appear to 
operate in such a manner. In fact, the authentication server 18 only receives user 
identification data and does not send any such user identification data to the application 
server 16. Instead, it sends a yes/no response since it performs the authentication itself. (See 
for example, column 5, lines 28-37). As such, the claim is in condition for allowance. 

In addition, the office action alleges that column 4, lines 48-52 allegedly teach using 
the user identification data that was sent by the first unit to the authentication unit, to 
determine which destination unit will receive an authentication code to be used to 
authenticate the user. However, the cited portion does not appear to teach any such 
operation. To the contrary, the cited portion merely states that the client may obtain the 
authentication data from its associated authentication device and then send it to an application 
server 12 which then routes it to the authentication server 18. There is no need in Crane to 
perform the claimed operation since the authentication device or client that sends the ID to 
the application server in Crane also receives the token. Accordingly, the claim is also in 
condition for allowance for this reason. 

The office action also cites the same portion as allegedly teaching sending the 
authentication code to the determined destination unit based on the user identification data. 
However again as noted, there is no determination of which destination unit will receive the 
authentication code (assuming this means token) since the client device that requests 
authentication also receives the token. Applicants also respectfully submit that they are not 
admitting that the token of Crane is the claimed authentication code as the token merely 
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appears to be a structure that allows access to specific applications to the application server 
12 and that the client device does not use the token to authenticate. 

The office action also cites column 5, lines 23-37 as allegedly teaching returning the 
authentication code to the authentication unit. However, again this section merely states that 
the authentication server returns a yes or no response after performing an authentication 
check using the user ID and device ID. As such, if the rejection is maintained, Applicants 
respectfully also request a showing as to which unit in Crane is the claimed determined 
destination unit since it does not appear that any authentication code is sent to a destination 
code and then returned to the authentication unit as claimed. Accordingly, the claim is in 
condition for allowance. 

As to claim 2, as noted above, there does not appear to be a determination, in Crane, 
as to a destination unit that is performed. As such, this claim is also in condition for 
allowance. 

As to claim 3, Applicants also respectfully submit that this claim is allowable at least 
as depending upon an allowable base claim. 

As to claim 4, there does not appear to be any teaching or suggesting of waiting to 
return the authentication code to the authentication unit (authentication device 16) until 
receipt of user input. As noted above, there is no authentication code being communicated 
back to the authentication device. Nor is there any waiting to send it until there is user input. 

As to claim 5, and as noted above, there is no receipt from the determined destination 
unit of the returned authentication code nor of the production of a digitally signed 
authentication code as received from the determined destination unit. Accordingly, this claim 
is also in condition for allowance. 

As to claim 10, Applicants respectfully reassert the relevant remarks made above with 
respect to claim 1 and further note that Crane does not teach or suggest, among other things, a 
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primary wireless channel and a wireless back channel. The cited portion, namely column 4, 
lines 48-52 appears to be silent as to using any kind of a primary authentication information 
on a primary wireless channel and secondary authentication information on a wireless back 
channel to be used to authenticate the user. If the rejection is maintained, Applicants 
respectfully request a showing by column and line number of such teachings. Since 
Applicants are unable to find such teachings, Applicants respectfully submit that the claims 
are in condition for allowance. 

Applicants respectfully submit that the dependent claims are allowable for the reasons 
stated with respect to previous dependent claims. 

In addition, claim 15 requires that the sending of the authentication code on the 
wireless back channel to the destination unit is done using one of a short message session 
channel, paging channel and a control channel. The office action cites column 1, lines 25-39 
and column 6, lines 1-14. However, these cited sections do not appear to be teaching any 
kind of wireless back channel that sends an authentication code to a destination unit based on 
a primary authentication information during a same session as required by the claim. Instead 
they appear to only indicate that the Internet can be used for the Crane invention and that 
wireless communication exists. Accordingly, this claim is also believed to be in condition for 
allowance. 

As to claim 17, Applicants respectfully reassert the relevant remarks made above with 
respect to other independent claims. Accordingly, this claim is also believed to be in 
condition for allowance. 

As to claim 21, Applicants respectfully reassert the relevant remarks made above with 
respect to other independent claims. Accordingly, this claim is also believed to be in 
condition for allowance. 



CHICAGO/# 1277650.1 



14 



Claim 27 is also believed to be allowable for the same reasons given above with 
respect to the independent claims. As such, this claim is also in condition for allowance. 

Accordingly, Applicants respectfully request that a timely Notice of Allowance be 
issued in this case. The Examiner is invited to contact the below-listed attorney if the 
Examiner believes that a telephone conference will advance the prosecution of this 



Vedder, Price, Kaufman & Kammholz, P.C. 
222 N. LaSalle Street 
Chicago, Illinois 60601 
PHONE: (312)609-7599 
FAX: (312)609-5005 



application. 



Respectfully submitted, 



Date: September 8, 2004 




Christopher*. Reckamp 
Registration No. 34,414 
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